| Industrial Control Systems (ICS) is widely used in national critical infrastructure, is the important aspects of running of oil and chemical industry, metallurgical production and transportation. With the deeper integration of ICS and computer technology, the relatively isolated industrial control systems are becoming open and facing the increasingly serious information security problem. To solve this problem, people have been looking to methods and techniques to ensure that the critical infrastructure can be operated safely. In recent years, some scholars have raised that intrusion detection technology is applied to detect the threats against the ICS.On the basic of reading a lot of references from home and abroad, information security situation of ICS and intrusion detection systems are summarized, anomaly detection techniques and algorithms are outlined in this paper. In order to overcome the weaknesses of previous protection methods applying to ICS, this paper presented a non-parametric CUSUM anomaly detection method based on industrial control model. Using the output-input dependent characteristics of ICS, establish mathematical model of ICS to predict system’s output, if the control system’s sensors are under attack, the actual output will change. Calculate the difference between the predicted output of industrial control model and measured signal by sensors, then form the time-based statistical sequence, adopt the modified non-parametric CUSUM algorithm to implement detection of the intrusion attacks and alarm.Simulation testing proved that the method has a good real-time performance and low false alarm rate. ICS also monitor the misuse of some help. |
PDF Full Text Request